5310 matches found
[SA12719] NetworkActiv Web Server Denial of Service Vulnerability
TITLE: NetworkActiv Web Server Denial of Service Vulnerability SECUNIA ADVISORY ID: SA12719 VERIFY ADVISORY: http://secunia.com/advisories/12719/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: NetworkActiv Web Server 1.x http://secunia.com/product/4007/ DESCRIPTION: Ziv Kamir ha...
[SA12703] IBM Trading Partner Interchange Arbitrary File Access Vulnerability
TITLE: IBM Trading Partner Interchange Arbitrary File Access Vulnerability SECUNIA ADVISORY ID: SA12703 VERIFY ADVISORY: http://secunia.com/advisories/12703/ CRITICAL: Moderately critical IMPACT: Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE: IBM...
[Full-Disclosure] iDEFENSE Security Advisory 10.05.04a: ColdFusion MX 6.1 on IIS File Contents Disclosure
ColdFusion MX 6.1 on IIS File Contents Disclosure iDEFENSE Security Advisory 10.05.04a: www.idefense.com/application/poi/display?id=148&type=vulnerabilities October 5, 2004 I. BACKGROUND ColdFusion is a programming language based on standard HTML that is used to write dynamic webpages. When a pag...
[SA12692] MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability
TITLE: MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA12692 VERIFY ADVISORY: http://secunia.com/advisories/12692/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: MediaWiki 1.x http://secunia.com/product/2546/ DESCRIPTIO...
[SA12704] Silent Storm Portal Cross-Site Scripting and Security Bypass Vulnerabilities
TITLE: Silent Storm Portal Cross-Site Scripting and Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA12704 VERIFY ADVISORY: http://secunia.com/advisories/12704/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Silent Storm Portal...
[SA12609] YaBB Input Validation Vulnerabilities
TITLE: YaBB Input Validation Vulnerabilities SECUNIA ADVISORY ID: SA12609 VERIFY ADVISORY: http://secunia.com/advisories/12609/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: YaBB 1.x http://secunia.com/product/541/ DESCRIPTION: Two...
Alt-N MDaemon 6.5.1 SMTP Server - Multiple Command Remote Overflows
// source: https://www.securityfocus.com/bid/11238/info Alt-N MDaemon is reportedly prone to multiple remote buffer overflow vulnerabilities. The vulnerabilities are likely due to a failure of the application to properly validate buffer sizes when processing command argument input. By sending a...
Apache 2, mod_dav: Multiple vulnerabilities
Background The Apache HTTP server is one of the most popular web servers on the internet. mod_ssl provides SSL v2/v3 and TLS v1 support for it and mod_dav is the Apache module for Distributed Authoring and Versioning (DAV). Description A potential infinite loop has been found in the input filter of modss...
gnu-radius -- SNMP-related denial-of-service
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in version 1.2 of GNU radiusd could allow a denial of service. The vulnerability specifically exists within the asndecodestring function defined in snmplib/asn1.c. When a very large unsigned number is supplied...
[Full-Disclosure] iDEFENSE Security Advisory 09.13.04a: Samba nmbd Invalid Length Denial of Service Vulnerability
Samba nmbd Invalid Length Denial of Service Vulnerability iDEFENSE Security Advisory 09.13.04a www.idefense.com/application/poi/display?id=138&type=vulnerabilities September 13, 2004 I. BACKGROUND Samba is a software suite that provides file and print services to SMB/CIFS clients, such as Microso...
[SA12511] Twin FTP Server Directory Traversal Vulnerability
TITLE: Twin FTP Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA12511 VERIFY ADVISORY: http://secunia.com/advisories/12511/ CRITICAL: Highly critical IMPACT: Manipulation of data, Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE: Twin F...
[Full-Disclosure] iDEFENSE Security Advisory 09.09.04: F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability
F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability iDEFENSE Security Advisory 09.09.04 www.idefense.com/application/poi/display?id=137&type=vulnerabilities September 9, 2004 I. BACKGROUND F-Secure Internet Gatekeeper is an antivirus and content filtering solution...
UtilMind Solutions Site News 1.1 - Authentication Bypass
UtilMind Solutions Site News 1.1 - Authentication Bypass source: https://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage th...
CVE-2002-1141
The CVE-2002-1141 issue is a vulnerability in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, executed on Windows NT4/2000/XP. It stems from an input validation error that can be exploited by malformed fragmented RPC client packets, enabling a remote denial of service. The docu...
FreeBSD Ports : rsync < 2.6.2_2
The remote host has an old version of rsync installed. There is a flaw in this version of rsync which, due to an input validation error, would allow a remote attacker to gain access to the remote system. An attacker, exploiting this flaw, would need network access to the TCP port. Successful...
Important: Red Hat Security Advisory: acroread security update
An updated Adobe Acrobat Reader package that fixes multiple security issues is now available. The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format (PDF). iDEFENSE has reported that Adobe Acrobat Reader 5.0 contains a buffer...
RHEL 3 : acroread (RHSA-2004:432)
An updated Adobe Acrobat Reader package that fixes multiple security issues is now available. The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format (PDF). iDEFENSE has reported that Adobe Acrobat Reader 5.0 contains a buffer...
[Full-Disclosure] iDEFENSE Security Advisory 08.12.04a: Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution Vulnerability
Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution Vulnerability iDEFENSE Security Advisory 08.12.04a www.idefense.com/application/poi/display?id=124&type=vulnerabilities August 12, 2004 I. BACKGROUND Adobe Acrobat Reader is a program for viewing Portable Document Format (PDF) documents...
FreeBSD : acroread uudecoder input validation error (78348ea2-ec91-11d8-b913-000c41e2cdad)
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded...
acroread uudecoder input validation error
An iDEFENSE security advisory reports: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded...